eliminates the global variable for tracking which nibble is
to be decoded by taking advantage of the fact that half octet IEs always occur
in pairs, and thus a pair can be grouped together for decoding.
There was probably also some confusion caused by the macros UPPER_NIBBLE and
LOWER_NIBBLE because the GSM bit numbering is opposite to Wireshark internal
numbering, so I have changed these to be LEFT_NIBBLE and RIGHT_NIBBLE, which
corresponds to the display format in Wireshark.
The dissection order of half octet IEs has been adjusted where necessary to
align with the ordering shown in the GSM specifications.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6658
svn path=/trunk/; revision=40157
Do more length checks, so we reject trailers that have nothing to
dissect.
Test for the trailer length being >= 8, rather than for having the 0x08
bit set (they amount to the same thing, as the trailer length is <= 14,
and >= 8 is what we really want if we're checking whether there's a
timestamp).
svn path=/trunk/; revision=40142
Some commands and IEs from the current release of Asterisk are missing from the
IAX protocol dissector. This patch provides them.
svn path=/trunk/; revision=40141
ASCONF and ASCONF_ACK chunks have a "Sequence Number" field (RFC 5061, 4.1.1
and 4.1.2). The dissector wrongly calls it "Serial number". The attached patch
fixes this issue.
svn path=/trunk/; revision=40140
ZigBee ZCL Dissector reports invalid status
The status code 0x8d contained in an attriute status record in a configure reporting response frame is incorrectly displayed as "Write only" (where WRITE_ONLY = 0x8f). According to the ZigBee Cluster Library Specification, Document 075123r03ZB, April 26, 2010 a status of 0x8d should display as "INVALID_DATA_TYPE"
From me :
Fix this issue (Wrong value define) based on Specs available in ZigBee.org
svn path=/trunk/; revision=40133
Mesh Peering Management reason code field interpreted as status code
The Mesh Peering Management tag displays a status code instead of a reason code
svn path=/trunk/; revision=40132
It's tedious to parse the blockack bitmap by hand, showing it in wireshark
directly is much nicer. Attached patch does so, only for compressed BA for now.
From me: made it filterable.
svn path=/trunk/; revision=40126
- ... and make that distinction configurable for capture files that do not have padding in small frames, but do have trailers
- Add VSS-Monitoring dissector to show by the TAP inserted time- and portstamps
svn path=/trunk/; revision=40108
The offset in "Cell Selection Indicator after Release of all TCH and SDCCH" was not correct because the length was element was decoded twice. So I removed the second decoding of the length.
svn path=/trunk/; revision=40088
self-contradictory (it's 4 bits, not 8). Furthermore, the C language
doesn't support "unsigned char" as a bitfield type; some compilers might
accept that, but if you crank up the warning levels, even GCC will warn
about that.
svn path=/trunk/; revision=40078
officially listed as "Unassigned", and people might use it for their own
purposes (and, in fact, one bug-submitter was doing so; they probably
should have used 253 or 254, but...). Get rid of the code to dissect
it.
svn path=/trunk/; revision=40075
This patch covers following -
i) Support for detecting OSPFv2 Opaque RI LSA. (RFC4970)
ii) Support for detecting OSPFv2 RI Capabilities TLV (RFC4970)
iii) Support for detecting OSPF Dynamic Hostname TLV (RFC5642)
iv) As per RFC4970, support for detecting RI LSA for OSPFv3 as well.
svn path=/trunk/; revision=40073
dissector for ELCOM communication protocol. This protocol is
used mainly by power utilities, to exchange historical, cyclic, and event based
data between SCADA systems.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6616
svn path=/trunk/; revision=40071
Add S1 related info to the DRX parameter dissection (IE
common to 2G/3G/LTE) as specified in 3GPP 24.301 Release 9.8.0 chapter 10.5.5.6.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6642
svn path=/trunk/; revision=40070
Show SDU lengths for UM PDUs.
Also, if the logged pduLength is < the real RLC PDU length, show that the length of the last segment is unknown.
svn path=/trunk/; revision=40067
updates the decoding of the Test Procedures functions
described in 3GPP 44.014, 34.109 and 36.509.
It also fixes a small issue where Wireshark was trying to decode the skip
indicator as a transaction identifier for those messages.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6638
svn path=/trunk/; revision=40064
- set extent of headers item properly
- show in the info column what the data would look like, based upon reported length and segment offsets
svn path=/trunk/; revision=40062
adds to the Protocol Configuration Options the decoding of
the following container identifiers:
- Selected Bearer Control Mode
- DSMIPv6 Home Agent Address
- DSMIPv6 Home Network Prefix
- DSMIPv6 IPv4 Home Agent Address
- P-CSCF IPv4 Address
- DNS Server IPv4 Address
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6636
svn path=/trunk/; revision=40057
Currently Wireshark limits the Access Point Name length to 50 bytes. But
according to 3GPP 24.008 chapter 10.5.6.1, the maximum length is 100 bytes (102
bytes minus the IEI and length fields) and not 50.
The attached patch increases the MAX_APN_LENGTH define value and allow the
correct display of an APN with a size greater than 50 bytes.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6628
svn path=/trunk/; revision=40044
Add this new ID in GRE dissector
The frame with the new GRE ID is not 802.11 frame such as 80XX GRE ID but a 802.3 frame with curious ethertype (8211 the same id with PAPI Protocol...)
svn path=/trunk/; revision=40039
For now use Jeff's fix:
"The REAL problem is that the GSM_MAP dissector is using this value_string_ext
in the hf without BASE_EXT_STRING:
{ &hf_gsm_old_localValue,
{ "localValue", "gsm_old.localValue",
FT_INT32, BASE_DEC, &gsm_old_GSMMAPOperationLocalvalue_vals_ext, 0,
"OperationLocalvalue", HFILL }},
This, in turn, appears to be caused because OperationLocalValue is an alias
for/of GSMMAPOperationLocalValue and only the latter is defined with
.USE_VALS_EXT.
I can fix it by doing:
Index: asn1/gsm_map/gsm_map.cnf
===================================================================
--- asn1/gsm_map/gsm_map.cnf (revision 39628)
+++ asn1/gsm_map/gsm_map.cnf (working copy)
@@ -54,6 +54,7 @@
#.USE_VALS_EXT
GSMMAPOperationLocalvalue
+OperationLocalvalue
#.EXPORTS
AddressString
But it seems to be that asn2wrs should arguably be figuring this out on its
own."
svn path=/trunk/; revision=40033
Part of patch:
2. BFD extension has been added as per RFC 6428, to decode the BFD packet with
ACH encapsulation(without IP/UDP header encapsulation). The channel type in ACH
header identifies the BFD payload as BFD CC or CV packet. Also decoding for
MPLS-TP source MEP-ID TLV in BFD CV packet has been added.
applied with a change to add packet-bfd.h
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6610#add_comment
svn path=/trunk/; revision=40029
LSP Ping extension has been added as per RFC 6426, to decode the LSP Ping
packet with ACH encapsulation(without IP/UDP header encapsulation). The channel
type in ACH header identifies the LSP Ping packet. Also support for decoding
new TLVs and Sub-TLVs defined in the RFC 6426 has been provided.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6610#add_comment
svn path=/trunk/; revision=40028
BFD extension has been added as per RFC 6428, to decode the BFD packet with
ACH encapsulation(without IP/UDP header encapsulation). The channel type in ACH
header identifies the BFD payload as BFD CC or CV packet. Also decoding for
MPLS-TP source MEP-ID TLV in BFD CV packet has been added.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6610#add_comment
svn path=/trunk/; revision=40027
- Removed some mpls preferences which are no longer relevant/needed like
decode PWAC payloads as PPP traffic and assume all channel types except 0x21
are raw BFD.
- MPLS extension from PW-ACH to MPLS Generic Associated Channel as per RFC 5586
- Updated Pseudowire Associated Channel Types as per
http://www.iana.org/assignments/pwe3-parameters
- Updated the VCCV bitmaps as per RFC 5885
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6574
svn path=/trunk/; revision=40026
Strictly speaking, it appears that __except(EXCEPTION_EXECUTE_HANDLER)
rather than __exept(TRUE) should be used altho in actuality there's
no difference since TRUE (as defined by GLIB) == EXCEPTION_EXECUTE_HANDLER.
svn path=/trunk/; revision=40022
- Remove unneeded #includes;
- Use val_to_str_const() in several places;
- Reformat long lines;
- Fix whitepace and indentation.
svn path=/trunk/; revision=40016
kNet (KristalliNet) dissector for Wireshark
kNet is a connection-oriented network protocol for transmitting arbitrary application-specific messages between network hosts. It is designed primarily for applications that require a method for rapid space-efficient real-time communication. kNet is an application-level protocol which can be ran either over UDP, TCP or SCTP transports.
From me :
* Add Modelines information and fix trailing whitespace
* Merge packet-knet.h in packet-knet.c
* Make Checkhf happy
* Fix Clang/GCC Warning about unused variable
* Add Authors info & CMakeList.txt
svn path=/trunk/; revision=40010
- Use a (slightly) less simplistic hashing algorithm to reduce collisions;
Note: A GHashTable which handles collisions rather than
a home-grown hash table (which does not) needs to be implemented.
- Don't replace an existing template in the cache when a collision occurs;
Fixes Bug #6325https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6325
svn path=/trunk/; revision=39990
added the display of intermediate value used to decode ARFCN in
range 1024/256 format.
So now the W(n) values can be displayed and localised in the tvb buffer.
The code was reworked a little to use the get_bit functions.
svn path=/trunk/; revision=39976
- SASL authentication support - improved (and correct) state machine.
- indention, tab fixes
- macro to fetch PDU, simplifying the code (and improving its readability)
- properly show the length of agent messages and align them under the right tree.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6589
From me: Fix some indentation & remove some trailing whitespace.
svn path=/trunk/; revision=39972
packet-x11.c: hundreds of:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/x11-extension-implementation.h: In function ‘xselinuxGetClientContext’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/x11-extension-implementation.h:27994:9: warning: variable ‘f_resource’ set but not used [-Wunused-but-set-variable]
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/x11-extension-implementation.h: In function ‘xselinuxGetClientContext_Reply’:
dissectors/packet-dcerpc-mapi.c: set but not used
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c: In function ‘mapi_dissect_struct_Release_req’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c:8592:14: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c: In function ‘mapi_dissect_struct_Release_repl’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c:8617:14: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c: In function ‘mapi_dissect_struct_RecipSMTP’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-mapi.c:8848:14: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
dissecots/packet-dcerpc-drsuapi.c: set but not used
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-drsuapi.c: In function ‘drsuapi_dissect_DsGetNCChangesCtr7’:
/home/jmayer/work/wireshark/svn/trunk/epan/dissectors/packet-dcerpc-drsuapi.c:2920:17: warning: variable ‘tree’ set but not used [-Wunused-but-set-variable]
Btw.: Does it really make sense to use an extra CMakefile for the dcerpc/ dir?
I'd rather the the idl2wrs.c in tools/ and the generatorstuff in epan/CMake
More files with the same problem.
svn path=/trunk/; revision=39968
loop, otherwise you get stuck in an infinite loop.
(Where in RFC 3261 does it mention the use of commas in URI parameters?)
Should fix bug 6598.
svn path=/trunk/; revision=39952
- add lookup for "unknown" channel type dissector (mode is known)
- set length extent for SUFI root item
- show data frames in the info column (at least for AM...)
DCT:
- call RLCDCH with "unknown" channel type (as don't know whether IP or RRC)
- support R9
svn path=/trunk/; revision=39846
* Remove struct and sizeof
* Replace proto_tree_add_* by proto_tree_add_item
* Replace CPHA function (report2str, opcode2str...) by standard Wireshark functions
* and minor bug fix
svn path=/trunk/; revision=39844
packet-reload.c:2875:13: warning: Although the value stored to
'local_offset' is used in the enclosing expression, the value is
never actually read from 'local_offset'
although as I read the C90 spec the code is doing pretty much what it
should be doing and the rewritten code does the same thing. However,
it's also a bit more complicated and harder to read than the rewritten
code.
svn path=/trunk/; revision=39840
we can't bail out early on dissection merely because we're not
constructing the protocol tree, as that would mean we wouldn't construct
the Info column unless we're constructing a protocol tree.
Clean up indentation.
svn path=/trunk/; revision=39821
it into a gint, instead. This should fix bug 6572, by preventing an
infinite loop if the sum in question is 0 modulo 2^16.
svn path=/trunk/; revision=39817
Enhance XMPP Dissector
XMPP is communication protocol that is based on XML.
Existing Jabber dissector has only few filtering possibilities and displays packets in inconvenient way.
This dissector is a result of cooperation with Jitsi community as Google Summer of Code project (http://www.jitsi.org/index.php/GSOC2011/XmppWireshark).
From me :
Add Mariusz Okrój in AUTHORS File
Add Modelines information
svn path=/trunk/; revision=39799
(in some cases by changing proto_tree_add_item() to use
what appears to be the correct 'tree' arg);
Do whitespace cleanup.
svn path=/trunk/; revision=39772
packet-ajp13 fails to detect end of request body
AJP13 may use two different packets to signify end of request body;
either zero length packet, or packet with zero length content. The ajp13
dissector already recognizes the former; this patch adds support for the
latter.
svn path=/trunk/; revision=39752
Dissector for the USB Integrated Circuit Card Interface Device Class (CCID)
I've implemented a reasonable subset of a dissector for the USB CCID specification (as described at http://www.usb.org/developers/devclass_docs/DWG_Smart-Card_CCID_Rev110.pdf), during the course of experimenting with an ACS ACR122U ISO 14443 card reader and MiFare tokens.
It currently identifies all of the message types listed in that specification,ng.
From me:
* Fix Clang Warning
* Remove trailing whitespace from lines
* Fix Checkhf (Remove a unused entry)
* Added packet-rfid-mifare to Makefile.common and CMakeLists.txt
svn path=/trunk/; revision=39750
Bill Meier